Back

Community Bank Reports Data Exposure from Unauthorized AI Application

Severity: Medium (Score: 48.9)

Sources: Techcrunch, Theregister, Classaction

Summary

Community Bank, operating in Pennsylvania, Ohio, and West Virginia, reported a cybersecurity incident involving the unauthorized use of an AI application that exposed sensitive customer data. The bank disclosed this in an 8-K filing with the SEC on May 7, detailing that names, dates of birth, and Social Security numbers were compromised. The exact nature of the AI application remains unspecified, but it is suspected that customer data may have been uploaded to an online AI chatbot. The bank is currently investigating the incident and evaluating the affected data, while notifying customers as required by law. No operational impact on banking services was reported, and the bank is in communication with regulators regarding the incident. The scope of the data exposure and the number of affected customers have not been disclosed. Key Points: • Community Bank disclosed a data exposure incident involving sensitive customer information. • The incident was linked to an unauthorized AI application, potentially an online chatbot. • The bank is investigating the breach and notifying affected customers as per legal requirements.

Key Entities

  • Data Breach (attack_type)
  • CB Financial Services (company)
  • Community Bank (company)
  • CWE-200 - Exposure of Sensitive Information (cwe)
  • classaction.org (domain)
  • Financial (industry)
  • T1567 - Exfiltration Over Web Service (mitre_attack)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed